diff options
Diffstat (limited to 'tests/destructive/p11-kit-load.sh')
-rw-r--r--[-rwxr-xr-x] | tests/destructive/p11-kit-load.sh | 71 |
1 files changed, 33 insertions, 38 deletions
diff --git a/tests/destructive/p11-kit-load.sh b/tests/destructive/p11-kit-load.sh index d961aa55be..8f3bff80f5 100755..100644 --- a/tests/destructive/p11-kit-load.sh +++ b/tests/destructive/p11-kit-load.sh @@ -25,8 +25,8 @@ P11TOOL="${P11TOOL:-../src/p11tool${EXEEXT}}" CERTTOOL="${CERTTOOL:-../src/certtool${EXEEXT}}" DIFF="${DIFF:-diff}" PKGCONFIG="${PKG_CONFIG:-$(which pkg-config)}" -TMPDIR="backup.$$.tmp" TMP_SOFTHSM_DIR="./softhsm-load.$$.tmp" +P11DIR="p11-kit-conf.$$.tmp" PIN=1234 PUK=1234 @@ -65,22 +65,14 @@ fi # Create pkcs11.conf with two modules, a trusted (p11-kit-trust) # and softhsm (not trusted) -DIR=$(${PKGCONFIG} --var=p11_system_config_modules p11-kit-1) -if test $? != 0 || test -z ${DIR} || test ${DIR} = '/';then - echo "Cannot determine p11-kit module config directory" - exit 1 -fi - -mkdir -p ${TMPDIR} -cp ${DIR}/* ${TMPDIR} -rm -f ${DIR}/* +mkdir -p ${P11DIR} -cat <<_EOF_ >${DIR}/p11-kit-trust.module +cat <<_EOF_ >${P11DIR}/p11-kit-trust.module module: p11-kit-trust.so trust-policy: yes _EOF_ -cat <<_EOF_ >${DIR}/softhsm.module +cat <<_EOF_ >${P11DIR}/softhsm.module module: libsofthsm2.so _EOF_ @@ -98,93 +90,96 @@ if test $? != 0; then exit 1 fi +FILTERTOKEN="sed s/token=.*//g" -# Check whether p11tool would list them both +# Check whether both are listed -nr=$(${P11TOOL} --list-tokens|grep 'Module:'|sort -u|wc -l) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -a|${FILTERTOKEN}|sort -u|wc -l) +#nr=$(${P11TOOL} --list-tokens|grep 'Module:'|sort -u|wc -l) if test "$nr" != 2;then echo "Error: did not find 2 modules ($nr)" - ${P11TOOL} --list-tokens|grep 'Module:'|sort|uniq + ${builddir}/pkcs11/list-tokens -o ${P11DIR} exit 1 fi -# Check whether p11tool with a specific provider would list only that -# That is, check whether p11tool will list the trust module -# if we only load softhsm (it should as trust modules -# are always loaded).ould list them both +## Check whether p11tool with a specific provider would list only that +## That is, check whether p11tool will list the trust module +## if we only load softhsm (it should as trust modules +## are always loaded).ould list them both + -nr=$(${P11TOOL} --provider "${SOFTHSM_MODULE}" --list-tokens|grep -c ^Token) +#nr=$(${P11TOOL} --provider "${SOFTHSM_MODULE}" --list-tokens|grep -c ^Token) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -m -s "${SOFTHSM_MODULE}"|${FILTERTOKEN}|sort -u|wc -l) if test "$nr" != 1;then echo "Error: did not find softhsm modules" - ${P11TOOL} --list-tokens --provider "${SOFTHSM_MODULE}" + ${builddir}/pkcs11/list-tokens -o ${P11DIR} -m -s "${SOFTHSM_MODULE}" exit 1 fi -FILTERTOKEN="sed s/token=.*//g" # Check whether both modules are found when gnutls_pkcs11_init # is not called but a pkcs11 operation is called. -nr=$(${builddir}/pkcs11/list-tokens -d|${FILTERTOKEN}|sort -u|wc -l) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -d|${FILTERTOKEN}|sort -u|wc -l) if test "$nr" != 2;then echo "Error in test 1: did not find 2 modules" - ${builddir}/pkcs11/list-tokens -d + ${builddir}/pkcs11/list-tokens -o ${P11DIR} -d exit 1 fi # Check whether both modules are found when gnutls_pkcs11_init # is called with the auto flag -nr=$(${builddir}/pkcs11/list-tokens -a|${FILTERTOKEN}|sort -u|wc -l) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -a|${FILTERTOKEN}|sort -u|wc -l) if test "$nr" != 2;then echo "Error in test 2: did not find 2 modules" - ${builddir}/pkcs11/list-tokens -a + ${builddir}/pkcs11/list-tokens -o ${P11DIR} -a exit 1 fi # Check whether only trusted modules are listed when the # trusted flag is given to gnutls_pkcs11_init(). -nr=$(${builddir}/pkcs11/list-tokens -t|${FILTERTOKEN}|sort -u|wc -l) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -t|${FILTERTOKEN}|sort -u|wc -l) if test "$nr" != 1;then echo "Error in test 3: did not find the trusted module" - ${builddir}/pkcs11/list-tokens -t + ${builddir}/pkcs11/list-tokens -o ${P11DIR} -t exit 1 fi # Check whether only trusted is listed after certificate verification # is performed. -nr=$(${builddir}/pkcs11/list-tokens -v|${FILTERTOKEN}|sort -u|wc -l) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -v|${FILTERTOKEN}|sort -u|wc -l) if test "$nr" != 1;then echo "Error in test 4: did not find 1 module" - ${builddir}/pkcs11/list-tokens -v + echo xxx + GNUTLS_DEBUG_LEVEL=4 P11_KIT_DEBUG=all ${builddir}/pkcs11/list-tokens -o ${P11DIR} -v exit 1 fi # Check whether only trusted is listed when gnutls_pkcs11_init # is called with manual flag and a certificate verification is performed. -nr=$(${builddir}/pkcs11/list-tokens -m -v|${FILTERTOKEN}|sort -u|wc -l) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -m -v|${FILTERTOKEN}|sort -u|wc -l) if test "$nr" != 1;then echo "Error in test 5: did not find 1 module" - ${builddir}/pkcs11/list-tokens -m -v + ${builddir}/pkcs11/list-tokens -o ${P11DIR} -m -v exit 1 fi # Check whether all modules are listed after certificate verification # is performed then a PKCS#11 function is called. -nr=$(${builddir}/pkcs11/list-tokens -v -d|${FILTERTOKEN}|sort -u|wc -l) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -v -d|${FILTERTOKEN}|sort -u|wc -l) if test "$nr" != 2;then echo "Error in test 6: did not find all modules" - ${builddir}/pkcs11/list-tokens -v -d + ${builddir}/pkcs11/list-tokens -o ${P11DIR} -v -d exit 1 fi # Check whether all modules are listed after a private key operation. -nr=$(${builddir}/pkcs11/list-tokens -p|${FILTERTOKEN}|sort -u|wc -l) +nr=$(${builddir}/pkcs11/list-tokens -o ${P11DIR} -p|${FILTERTOKEN}|sort -u|wc -l) if test "$nr" != 2;then echo "Error in test 7: did not find all modules" - ${builddir}/pkcs11/list-tokens -p + ${builddir}/pkcs11/list-tokens -o ${P11DIR} -p exit 1 fi -rm -f ${DIR}/* +rm -f ${P11DIR}/* rm -rf ${TMP_SOFTHSM_DIR} -cp ${TMPDIR}/* ${DIR}/ exit 0 |